For example, to add a new IPv4 role-based access control rule, dropping all packets from any IPv4 address between 192.168.78.50 and 192.168.90.100 when the user is a member of the role "admin," and insert the rule above the 3rd rule, at the config:# prompt, type security roleBasedAccessControl ipv4 rule add 192.168.78.50 192.168.90.100 admin deny insertAbove 3, and press Enter. The original 3rd rule becomes the 4th rule.
<start_ip> is the starting IP address.
<end_ip> is the ending IP address.
<role> is the role for which you want to create an access control rule.
<policy> is one of these options:
allow – Accepts traffic from the specified IP address range when the user is a member of the specified role.
deny – Drops traffic from the specified IP address range when the user is a member of the specified role.
<insert> is one of the options:
|